1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

No email bounce log action from Amazon SES spam complaints

Discussion in 'XenForo Suggestions' started by Mouth, May 15, 2016.

  1. Mouth

    Mouth Well-Known Member

    When a user marks email received from your site as 'spam' in their mail application, the majority of mail applications will then send a spam/abuse notification back to the sending server complaints process.

    For Amazon SES, they then send/forward an email to you of the spam/abuse complaint initiated by the recipient to your Bounced Email Address. Refer https://sesblog.amazon.com/blog/tag/abuse+complaint

    When xF processes this spam/abuse complaint to your bounces inbox, no action is taken.

    Screen Shot 2016-05-15 at 12.05.57.png

    As per above blog, I believe it should be processed and mark the user state as email invalid (bounced). (Or even better, an additional user state of "email invalid (spam report)")

    Here's a sample spam/abuse report email ("<redacted>" added by me) that comes to xf bounces inbox ...
    Code:
    Delivered-To: bounces+7893a4dc+<redacted>=yahoo.com.au@<redacted>.com.au
    Received: by 10.202.171.74 with SMTP id u71csp470804oie; Fri, 13 May 2016
    14:40:02 -0700 (PDT)
    X-Received: by 10.66.152.201 with SMTP id va9mr26178294pab.73.1463175602646;
    Fri, 13 May 2016 14:40:02 -0700 (PDT)
    Return-Path: <no-reply@amazonses.com>
    Received: from a27-9.smtp-out.us-west-2.amazonses.com
    (a27-9.smtp-out.us-west-2.amazonses.com. [54.240.27.9]) by mx.google.com with
    ESMTPS id a3si26505755pfb.217.2016.05.13.14.40.02 for
    <bounces+7893a4dc+<redacted>=yahoo.com.au@<redacted>.com.au> (version=TLS1
    cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 13 May 2016 14:40:02 -0700
    (PDT)
    Received-SPF: pass (google.com: domain of no-reply@amazonses.com designates
    54.240.27.9 as permitted sender) client-ip=54.240.27.9;
    Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify)
    header.i=@arf.mail.yahoo.com; spf=pass (google.com: domain of
    no-reply@amazonses.com designates 54.240.27.9 as permitted sender)
    smtp.mailfrom=no-reply@amazonses.com
    X-Original-To: complaints@email-abuse.amazonaws.com
    Delivered-To: complaints@email-abuse.amazonaws.com
    DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=arf.mail.yahoo.com;
    s=arf; t=1463175600; bh=JA0DfLoWSnvhMk580J67urAR0K7gCZqQ9TKYs4ruNEA=;
    h=Date:From:To:Subject:From:Subject;
    b=YK7XkRpp5vjWWJ2wTJMNqL6FOmPrYqdyclIrBL68go84/DCB6BEURpYNnDQ+sTIH47JJtcFQYX9VO1nfqPYj6W+QjcksfxSUjnrbIBn+dZo4haV9vyuiyUHtDYGYOoS5cuAU5KFFe5xnKOFK+wp6ctW4i2EglEO8rC/u542Z1fM=
    X-Yahoo-Newman-Id: cfl-test
    MIME-Version: 1.0
    Content-Transfer-Encoding: 7bit
    Content-Type: multipart/report; boundary="_----------=_14631756006709";
    report-type="feedback-report"
    X-Mailer: MIME::Lite 3.028 (F2.82; A2.11; B3.13; Q3.13)
    Date: Fri, 13 May 2016 21:40:01 +0000
    From: complaints@us-west-2.email-abuse.amazonses.com
    To: bounces+7893a4dc+<redacted>=yahoo.com.au@<redacted>.com.au
    X-Yahoo-Newman-Property: cfl
    Message-ID: <01010154ac0fdc08-3f04390a-1953-11e6-bf3a-518ba1613008-000000@us-west-2.amazonses.com>
    X-SES-Outgoing: 2016.05.13-54.240.27.9
    
    This is a multi-part message in MIME format.
    
    --_----------=_14631756006709
    MIME-Version: 1.0
    Content-Disposition: inline
    Content-Transfer-Encoding: 7bit
    Content-Type: text/plain; charset="US-ASCII"
    X-Mailer: MIME::Lite 3.028 (F2.82; A2.11; B3.13; Q3.13)
    Date: Fri, 13 May 2016 21:40:00 +0000
    
    This is an email abuse report for an email message received from 54.240.27.34  on Fri, 13 May 2016 16:39:32 UTC
    
    --_----------=_14631756006709
    Content-Disposition: inline
    Content-Transfer-Encoding: 7bit
    Content-Type: message/feedback-report
    
    Feedback-Type: abuse
    User-Agent: Yahoo!-Mail-Feedback/1.0
    Version: 0.1
    Original-Mail-From: <01010154aafcb9d8-90945e40-33ed-4290-ba4a-4bf13e2bef7d-000000@us-west-2.amazonses.com>
    Original-Rcpt-To: <redacted>@yahoo.com.au
    Received-Date: Fri, 13 May 2016 16:39:32 UTC
    Source-IP: 54.240.27.34
     
    Mijo, jauburn and Xon like this.
  2. Mike

    Mike XenForo Developer Staff Member

    This isn't a bounce indication, so this is the correct behavior. This isn't something we would expect to cover in a bounced email handler. As such, I think this is more correctly considered a suggestion.

    What Amazon is doing here isn't 100% the "standard", though it's a reasonable approach. In a direct feedback loop, this feedback would be sent to a specific address (see various examples here: http://wiki.asrg.sp.am/wiki/Feedback_loop_links_for_some_email_providers). Presumably Amazon is parsing out the feedback report and the original envelope sender and sending the feedback there. With VERP, we are able to identify the original email at least which would allow an action, but without that, there isn't an action we would take (as we can't verify the report as XenForo-triggered).
     
  3. Mouth

    Mouth Well-Known Member

    Yes, technically.
    But I believe the result and action should be the same handling. If someone is initiating a complaint about receiving your site email, then treatment and resulting action should be the same.
     
  4. Mike

    Mike XenForo Developer Staff Member

    My secondary point is also that in general, feedback look emails go to a standardized address (based on sender or IP of the sender), rather than back the original envelope sender. This appears to be something Amazon is doing specifically. I'd be interested to know if any other SMTP providers do this (and whether they include the original email, as it appears Amazon doesn't).

    There's also ambiguity in the action that you might want to take. If someone is making a spam complaint for a watched thread notification, stopping their email notifications for watched threads may be what should technically be done. (I take that if they're doing this, they probably don't care about your site and thus it likely doesn't matter what action is taken as long as the emails stop.)
     
  5. Mouth

    Mouth Well-Known Member

    Here's another example, bounce email from Amazon SES but not being recognised/processed by XF ...

    Code:
    Delivered-To: <redacted>
    Received: by 10.202.117.68 with SMTP id q65<redacted>41oic; Thu, 7 Jul 2016
    00:24:52 -0700 (PDT)
    X-Received: by 10.98.16.156 with SMTP id 28mr277<redacted>876291896; Thu,
    07 Jul 2016 00:24:51 -0700 (PDT)
    Return-Path: <01010155c43eb2fc-<redacted>-258779af5cb5-000000@us-west-2.amazonses.com>
    Received: from a27-84.smtp-out.us-west-2.amazonses.com
    (a27-84.smtp-out.us-west-2.amazonses.com. [54.240.27.84]) by mx.google.com
    with ESMTPS id n17si2816949pfi.210.2016.07.07.00.24.51 for
    <redacted> (version=TLS1 cipher=ECDHE-RSA-AES128-SHA
    bits=128/128); Thu, 07 Jul 2016 00:24:51 -0700 (PDT)
    Received-SPF: pass (google.com: domain of
    01010155c43eb2fc-<redacted>-000000@us-west-2.amazonses.com
    designates 54.240.27.84 as permitted sender) client-ip=54.240.27.84;
    Authentication-Results: mx.google.com; dkim=pass header.i=@amazonses.com;
    spf=pass (google.com: domain of
    01010155c43eb2fc-<redacted>-000000@us-west-2.amazonses.com
    designates 54.240.27.84 as permitted sender)
    smtp.mailfrom=01010155c43eb2fc-<redacted>-000000@us-west-2.amazonses.com
    DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple;
    s=gdwg2y<redacted>5hhxx; d=amazonses.com; t=1467876291;
    h=Date:From:To:Message-ID:Subject:MIME-Version:Content-Type:Content-Transfer-Encoding:Feedback-ID;
    bh=/cHQVG<redacted>VvrODJko=;
    b=ivTo3U6ik<redacted>cdDwBDDvn8tqF
    Tn78xpicCiDP6<redacted>B4GAkCLh7OPDr
    ONra+Q<redacted>m8+StEVCzHk0=
    Date: Thu, 7 Jul 2016 07:24:51 +0000
    From: Netrider Bounces <no-reply@sns.amazonaws.com>
    To: <redacted>
    Message-ID: <01010155c43eb2fc-<redacted>-000000@us-west-2.amazonses.com>
    Subject: AWS Notification Message
    MIME-Version: 1.0
    Content-Type: text/plain; charset=UTF-8
    Content-Transfer-Encoding: 7bit
    x-amz-sns-message-id: ee5f79<redacted>acd0e8583c
    x-amz-sns-subscription-arn: arn:aws:sns:us-west-2:403791450681:netrider-bounces:ac8d<redacted>5adb44e
    X-SES-Outgoing: 2016.07.07-54.240.27.84
    Feedback-ID: 1.us-west-2.c55J8LO2<redacted>80AUVC/G8=:AmazonSES
    
    {"notificationType":"Bounce","bounce":{"bounceType":"Permanent","bounceSubType":"General","bouncedRecipients":[{"emailAddress":"cmb84_<redacted>eva@hotmail.com","action":"failed","status":"5.3.0","diagnosticCode":"smtp; 550 Requested action not taken: mailbox unavailable"}],"timestamp":"2016-07-07T07:24:51.196Z","feedbackId":"01010155c43eb2<redacted>7f05f-000000","reportingMTA":"dsn; a27-116.smtp-out.us-west-2.amazonses.com"},"mail":{"timestamp":"2016-07-07T07:24:49.000Z","source":"bounces+e3cb9fd8+cmb84_<redacted>eva=hotmail.com@netrider.com.au","sourceArn":"arn:aws:ses:us-west-2:40379<redacted>m.au","sendingAccountId":"403791450681","messageId":"01010155c43eab02-<redacted>d-000000","destination":["cmb84_<redacted>eva@hotmail.com"]}}
    
    --
    If you wish to stop receiving notifications from this topic, please click or visit the link below to unsubscribe:
    https://sns.us-west-2.amazonaws.com/unsubscribe.html?SubscriptionArn=arn:aws:sns:us-west-2:403<redacted>28-9b56-4a72d5adb44e&Endpoint=<redacted>
    
    Please do not reply directly to this email. If you have any questions or comments regarding this email, please contact us at https://aws.amazon.com/support
    Screen Shot 2016-07-07 at 23.35.23.png
     
  6. AppleAndMango

    AppleAndMango Active Member

    @Mouth Did you figure this out?

    I'm having the same issue...
     
  7. Mouth

    Mouth Well-Known Member

    I opened an official support ticket with XF, and they said it's not something they wish to support. Thus, only partial support for Amazon SES by XenForo.

    I now use https://xenforo.com/community/resources/bd-mails.2313/ which handles them appropriately.
     
  8. Jeremy P

    Jeremy P Well-Known Member

    Bounce notifications from SES work for me using the stock handlers, with nothing special configured on the SES side either. If you configure SNS email notifications for bounces and complaints in SES, XF will not be able to process them. If you just allow for regular delivery of these reports (not SNS), XF seems to ensure the reports get sent to the right place and can process them fine.
     
  9. AppleAndMango

    AppleAndMango Active Member

    I'm using this currently too...

    I'll give this a shot, thanks.
     
  10. Mouth

    Mouth Well-Known Member

    Be aware you'll only get hard/soft bounce handling. Spam complaints are still not handled.
     

Share This Page